Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

9

zonesszanp...��.exe

windows7-x64

8

zonesszanp...��.exe

windows10-2004-x64

8

zonesszanp...EL.dll

windows7-x64

8

zonesszanp...EL.dll

windows10-2004-x64

8

zonesszanp...��.url

windows7-x64

1

zonesszanp...��.url

windows10-2004-x64

1

zonesszanp...��.url

windows7-x64

1

zonesszanp...��.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    53f3ec84c576030aa0ae3b2c25c5999e8efa5fd924ec4a2d09c3368a12b82f92

  • Size

    1.1MB

  • Sample

    221125-xwhj4scb5y

  • MD5

    a0911f8e1568b42a623a93fa7ae4bd4a

  • SHA1

    2db3ef2e1960bf7ddaab36c722e847ed59ba3c18

  • SHA256

    53f3ec84c576030aa0ae3b2c25c5999e8efa5fd924ec4a2d09c3368a12b82f92

  • SHA512

    2d9e473055cfc7e3345c0ece57252d3ac7c3de26cae935429e7c695fd8031594fc518b6d527e82b4a91b371c878f6389627dee628e46d2de6e78f9e72353967c

  • SSDEEP

    24576:eO6zCID74LVuKp8Mly9CeHmSqvHqZICaaGaQGOEA+U+gYt4FoSZRlg:eOiV0LsKpjlACeIqZI3nahA+U/FoSHG

Score
9/10
persistenceupx

Malware Config

Targets

    • Target

      zonesszanpinglun-v1.0/QQ空间秒赞秒评论(秒赞贴吧).exe

    • Size

      1.6MB

    • MD5

      f29d9bca9f069a84076593270496e3a1

    • SHA1

      a6f907bd2dfdd4ab81f9ebe3cb070c5430ed8632

    • SHA256

      d30c3cf612a35cf8bd52582f006afb580ebdad17c648a09b54cf6bbb2fd6ee57

    • SHA512

      4915962d2ead9bf33433d778b34abd2ccad4367d8adf191ec0d9e7551bfc8fa5d0e50d60fee4fa1feef8e3bff3d9c3c285e3d7513743afed1221fd3f9c8c7dbf

    • SSDEEP

      24576:B6m4SE6FSbxSDQxlTZaqdiXSp0c02uFG6dAk3CMbES:BXEJAAlTZaqdwk0c05HGibN

    Score
    8/10
    upxpersistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

    • Target

      zonesszanpinglun-v1.0/SkinH_EL.dll

    • Size

      86KB

    • MD5

      147127382e001f495d1842ee7a9e7912

    • SHA1

      92d1ed56032183c75d4b57d7ce30b1c4ae11dc9b

    • SHA256

      edf679c02ea2e170e67ab20dfc18558e2bfb4ee5d59eceeaea4b1ad1a626c3cc

    • SHA512

      97f5ae90a1bbacfe39b9e0f2954c24f9896cc9dca9d14364c438862996f3bbc04a4aa515742fccb3679d222c1302f5bb40c7eaddd6b5859d2d6ef79490243a4d

    • SSDEEP

      1536:s5Np2dgZgIehUUS3E1Ujmrvl179D53UWnGQRJZiXRmrCnKptnouy8K:s5Np2dlUX0+Cx17F8QRJZKmOK3outK

    Score
    8/10
    upx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral3behavioral4

    • Target

      zonesszanpinglun-v1.0/去脚本之家看看.url

    • Size

      124B

    • MD5

      9d9c794d654383c012286b258556fe46

    • SHA1

      8266c2159f57859ff102df419a94157a2ccef61f

    • SHA256

      c4965fa0cf71f391518797b3cc3b7ffef0ec991c5266f5f9cc90298a7da7e1da

    • SHA512

      28b9a9519a0fb7e826adaf43e76dfd11df323f20ab3089ec53c6263a51c06635c9d0b0a325cb7d20f7db42734dc257666e77d63be620aca34cdb13b766da9bbe

    Score
    1/10
    behavioral5behavioral6

    • Target

      zonesszanpinglun-v1.0/服务器软件.url

    • Size

      112B

    • MD5

      db4aa2c6c4e0555b3968690756e24836

    • SHA1

      96933b815ecdcf2fd43bd2ef036260029a633801

    • SHA256

      c85359e7af5e102716e42f659fd5c1931b553761898714ccbb261883a03f40e1

    • SHA512

      6ca491f92f9990d706b75e7ff091f8c025de7d9dc438aa25cf6e8baa87e750f6f0490e9923d82aa00ac074b572468349ed52c2765ec1fd3183a9ea146a2ff5c3

    Score
    1/10
    behavioral7behavioral8

MITRE ATT&CK Enterprise v6

Tasks